DO NOT MERGE Do not call RecoverySystem with DPMS lock held

Note DPM.wipeData() on a secondary user is now blocking, just like it's been always blocking on the primary user. Test: Manually tested wipeData() with ApiDemos, both on 1) the primary user, 2) a secondary user and 3) work profile. Test: adb shell am instrument -e class com.android.server.devicepolicy.DevicePolicyManagerTest -w com.android.frameworks.servicestests Bug 30681079 Change-Id: Ia832bed0f22396998d6307ab46e262dae9463838 Merged-in: Ia832bed0f22396998d6307ab46e262dae9463838 (cherry picked from commit efdec8f568)
2017-01-04 14:36:59 -08:00
parent f98ed6863a
commit 2317451acc
1 changed files with 34 additions and 28 deletions
--- a/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
+++ b/services/devicepolicy/java/com/android/server/devicepolicy/DevicePolicyManagerService.java
@@ -4536,7 +4536,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        }
    }
-    private void wipeDataLocked(boolean wipeExtRequested, String reason) {
+    private void wipeDataNoLock(boolean wipeExtRequested, String reason) {
        if (wipeExtRequested) {
            StorageManager sm = (StorageManager) mContext.getSystemService(
                    Context.STORAGE_SERVICE);
@@ -4556,13 +4556,14 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
        }
        final int userHandle = mInjector.userHandleGetCallingUserId();
        enforceFullCrossUsersPermission(userHandle);
        final String source;
        synchronized (this) {
            // This API can only be called by an active device admin,
            // so try to retrieve it to check that the caller is one.
            final ActiveAdmin admin = getActiveAdminForCallerLocked(null,
                    DeviceAdminInfo.USES_POLICY_WIPE_DATA);
-
+            source = admin.info.getComponent().flattenToShortString();
            final String source = admin.info.getComponent().flattenToShortString();
            long ident = mInjector.binderClearCallingIdentity();
            try {
@@ -4577,39 +4578,44 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
                        manager.wipe();
                    }
                }
                boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0;
                wipeDeviceOrUserLocked(wipeExtRequested, userHandle,
                        "DevicePolicyManager.wipeData() from " + source);
            } finally {
                mInjector.binderRestoreCallingIdentity(ident);
            }
        }
        final boolean wipeExtRequested = (flags & WIPE_EXTERNAL_STORAGE) != 0;
        wipeDeviceNoLock(wipeExtRequested, userHandle,
                "DevicePolicyManager.wipeData() from " + source);
    }
-    private void wipeDeviceOrUserLocked(boolean wipeExtRequested, final int userHandle, String reason) {
+    private void wipeDeviceNoLock(boolean wipeExtRequested, final int userHandle, String reason) {
-        if (userHandle == UserHandle.USER_SYSTEM) {
+        final long ident = mInjector.binderClearCallingIdentity();
-            wipeDataLocked(wipeExtRequested, reason);
+        try {
-        } else {
+            if (userHandle == UserHandle.USER_SYSTEM) {
-            mHandler.post(new Runnable() {
+                wipeDataNoLock(wipeExtRequested, reason);
-                @Override
+            } else {
-                public void run() {
+                mHandler.post(new Runnable() {
-                    try {
+                    @Override
-                        IActivityManager am = mInjector.getIActivityManager();
+                    public void run() {
-                        if (am.getCurrentUser().id == userHandle) {
+                        try {
-                            am.switchUser(UserHandle.USER_SYSTEM);
+                            IActivityManager am = mInjector.getIActivityManager();
-                        }
+                            if (am.getCurrentUser().id == userHandle) {
                                am.switchUser(UserHandle.USER_SYSTEM);
                            }
-                        boolean isManagedProfile = isManagedProfile(userHandle);
+                            boolean isManagedProfile = isManagedProfile(userHandle);
-                        if (!mUserManager.removeUser(userHandle)) {
+                            if (!mUserManager.removeUser(userHandle)) {
-                            Slog.w(LOG_TAG, "Couldn't remove user " + userHandle);
+                                Slog.w(LOG_TAG, "Couldn't remove user " + userHandle);
-                        } else if (isManagedProfile) {
+                            } else if (isManagedProfile) {
-                            sendWipeProfileNotification();
+                                sendWipeProfileNotification();
                            }
                        } catch (RemoteException re) {
                            // Shouldn't happen
                        }
                    } catch (RemoteException re) {
                        // Shouldn't happen
                    }
-                }
+                });
-            });
+            }
        } finally {
            mInjector.binderRestoreCallingIdentity(ident);
        }
    }
@@ -4789,7 +4795,7 @@ public class DevicePolicyManagerService extends IDevicePolicyManager.Stub {
            }
            if (wipeData) {
                // Call without holding lock.
-                wipeDeviceOrUserLocked(false, identifier,
+                wipeDeviceNoLock(false, identifier,
                        "reportFailedPasswordAttempt()");
            }
        } finally {